用于缓存RolePrincipal的cookie文本的长度始终大于4096

时间:2012-08-22 17:14:39

标签: asp.net forms-authentication roleprovider role-based

我尝试为我的项目实现ASP.NET基于角色的授权,但我从未发现cookie已保存在客户端浏览器中。我尝试了一些测试代码,如

RolePrincipal rolePrincipal = new RolePrincipal(new GenericIdentity("a"));
string text1 = rolePrincipal.ToEncryptedTicket();

在这个简单的RolePrincipal对象中没有角色,Roles.CookieProtectionValue设置为'none'。但是text1的长度是4,688,大于4,096,因此无法将cookie推送到客户端浏览器中。

没有意义,否则无法使用cookie来缓存角色。

它出了什么问题?

由于

这是web.config中的相关部分

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" name=".TestAUTH"/>
</authentication>
<membership>
  <providers>
    <clear/>
    <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"
         enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
         maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
         applicationName="/" />
  </providers>
</membership>

<profile>
  <providers>
    <clear/>
    <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
  </providers>
</profile>

<roleManager enabled="true" cookieName=".TestROLE" cookieProtection="None" cacheRolesInCookie="true" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="false" >
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
    <!--<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />-->
  </providers>
</roleManager>

3 个答案:

答案 0 :(得分:0)

尝试添加默认提供程序,因此:

<roleManager enabled="true" cookieName=".TestROLE" cookieProtection="None" cacheRolesInCookie="true" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="false" >
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
    <!--<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />-->
  </providers>
</roleManager>

到此:

<roleManager defaultProvider="AspNetSqlRoleProvider" enabled="true" cookieName=".TestROLE" cookieProtection="None" cacheRolesInCookie="true" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="false" >
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
    <!--<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />-->
  </providers>
</roleManager>

答案 1 :(得分:0)

不幸的是,这是由于.NET 4.5中底层类型的变化而设计的。您可以关闭在cookie中存储用户角色以防止此问题(http://msdn.microsoft.com/en-us/library/system.web.security.roles.cacherolesincookie.aspx)。

https://connect.microsoft.com/VisualStudio/feedback/details/759157/net-4-5-binaryformatter-serialization-generates-too-long-string

答案 2 :(得分:-1)

供参考:

Microsoft最近发布了一个修复此问题的更新。

请参阅KB 2750147